CSOonline

Salt Security adds defense against OAuth attacks

Salt Security has added a new OAuth security offering to its API protection platform to help organizations detect attempts to exploit OAuth and fix vulnerabilities associated with the protocol. OAuth ...
Security Boulevard

ConsentFix v3 Automates OAuth Abuse to Bypass MFA and Hijack Azure Accounts

What happened A third iteration of the ConsentFix attack technique has been circulating on hacker forums, introducing automation and scalability to a method that abuses Microsoft Azure’s OAuth2 ...
Business Wire

Nylas Announces First-Ever Program to Simplify the Google OAuth Verification Process and Security Assessment for Developers

SAN FRANCISCO--(BUSINESS WIRE)--Nylas, a leading provider of communications APIs for developers, today announced a strategic partnership with Leviathan Security Group, a leading Information Security ...
CSOonline

Failure to verify OAuth tokens enables account takeover on websites

Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information ...